CVE-2026-0872
2.5
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P
Summary
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Thales | SafeNet Agent for Windows Logon | 4.0.0 | affected |
| Thales | SafeNet Agent for Windows Logon | 4.1.1 | affected |
| Thales | SafeNet Agent for Windows Logon | 4.1.2 | affected |
Weaknesses
- CWE-295: CWE-295 Improper Certificate Validation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://thalesdocs.com/sta/agents/wla-windows_logon/wla-preinstallation_passwordless/index.html
- https://supportportal.thalesgroup.com/csm?sys_kb_id=247fd4a42b4a7290061af3f5f291bff1&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=5ecb72c73b927610381ecfaf55e45a0b&sysparm_article=KB0030173
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.